
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Debian: DSA-5110-1 Critical Issue: Exploitation of libxml2 Vulnerability

Debian Security Advisory DSA-5109-1
https://www.debian.org/security/
Moritz Muehlenhoff
March 27, 2022
https://www.debian.org/security/faq

Package : faad2
CVE ID : CVE-2018-20196 CVE-2018-20199 CVE-2018-20360 CVE-2019-6956 CVE-2021-32272 CVE-2021-32273 CVE-2021-32274 CVE-2021-32276 CVE-2021-32277 CVE-2021-32278

Multiple vulnerabilities have been discovered in the freeware Advanced Audio Decoder, which may result in denial of service or potentially the execution of arbitrary code if malformed media files are processed.

For the oldstable distribution (buster), these problems have been fixed in version 2.10.0-1~deb10u1.

We recommend that you upgrade your faad2 packages.

For the detailed security status of faad2 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/faad2

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Several vulnerabilities in faad2 could result in service disruption or the execution of unauthorized code; it is advisable to apply updates.

faad2 Security Update, Debian Advisory, Media File Exploit.

Severity: Critical.
LinuxSecurity.com Team

Mar 27, 2022 Critical Debian

Debian 9 Stretch DLA-2792-1 Critical: Faad2 Heap Vulnerabilities and Risks

Debian LTS Advisory DLA-2792-1
https://www.debian.org/lts/security/
Thorsten Alteholz
October 24, 2021
https://wiki.debian.org/LTS

Package : faad2
Version : 2.8.0~cvs20161113-1+deb9u3
CVE ID : CVE-2018-20199 CVE-2018-20360 CVE-2019-6956 CVE-2021-32274 CVE-2021-32276 CVE-2021-32277 CVE-2021-32278

Several issues have been found in faad2, a freeware Advanced Audio Decoder player. They are related to heap buffer overflows or null pointer dereferences, which both might allow an attacker to execute code by providing crafted files.

For Debian 9 stretch, these problems have been fixed in version 2.8.0~cvs20161113-1+deb9u3.

We recommend that you upgrade your faad2 packages.

For the detailed security status of faad2 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/faad2

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Ubuntu Security Notice USN-4863-1 delivers essential patches for libxml2 to mitigate risks of arbitrary code execution stemming from specially crafted XML files.

Debian LTS, faad2 update, audio decoder security.

Severity: Critical.
LinuxSecurity.com Team

Oct 24, 2021 Critical Debian LTS

Debian: DSA-4522-1 Critical: faad2 Denial of Service Issues

Debian Security Advisory DSA-4522-1
https://www.debian.org/security/
Hugo Lefeuvre
September 15, 2019
https://www.debian.org/security/faq

Package : faad2
CVE ID : CVE-2018-19502 CVE-2018-19503 CVE-2018-19504 CVE-2018-20194 CVE-2018-20195 CVE-2018-20197 CVE-2018-20198 CVE-2018-20357 CVE-2018-20358 CVE-2018-20359 CVE-2018-20361 CVE-2018-20362 CVE-2019-15296
Debian Bug : 914641

Multiple vulnerabilities have been discovered in faad2, the Freeware Advanced Audio Coder. These vulnerabilities might allow remote attackers to cause denial-of-service, or potentially execute arbitrary code if crafted MPEG AAC files are processed.

For the oldstable distribution (stretch), these problems have been fixed in version 2.8.0~cvs20161113-1+deb9u2.

We recommend that you upgrade your faad2 packages.

For the detailed security status of faad2 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/faad2

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Various security flaws in faad2 may enable malicious users to run arbitrary code or lead to service interruptions. It is advisable to apply updates.

faad2 vulnerabilities, security update, Debian advisory, audio coder issues, remote attacker threat.

Severity: Critical.
LinuxSecurity.com Team

Sep 15, 2019 Critical Debian

Debian LTS DLA-1899-1 Moderate: faad2 Denial Of Service

Package : faad2
Version : 2.7-8+deb8u3
CVE ID : CVE-2018-19502 CVE-2018-20196 CVE-2018-20199 CVE-2018-20360 CVE-2019-6956 CVE-2019-15296
Debian Bug : 914641

Multiple vulnerabilities have been discovered in faad2, the Freeware Advanced Audio Coder:

CVE-2018-19502
Heap buffer overflow in the function excluded_channels (libfaad/syntax.c). This vulnerability might allow remote attackers to cause denial of service via crafted MPEG AAC data.

CVE-2018-20196
Stack buffer overflow in the function calculate_gain (libfaad/br_hfadj.c). This vulnerability might allow remote attackers to cause denial of service or any unspecified impact via crafted MPEG AAC data.

CVE-2018-20199, CVE-2018-20360
NULL pointer dereference in the function ifilter_bank (libfaad/filtbank.c). This vulnerability might allow remote attackers to cause denial of service via crafted MPEG AAC data.

CVE-2019-6956
Global buffer overflow in the function ps_mix_phase (libfaad/ps_dec.c). This vulnerability might allow remote attackers to cause denial of service or any other unspecified impact via crafted MPEG AAC data.

CVE-2019-15296
Buffer overflow in the function faad_resetbits (libfaad/bits.c). This vulnerability might allow remote attackers to cause denial of service via crafted MPEG AAC data.

For Debian 8 "Jessie", these problems have been fixed in version 2.7-8+deb8u3.

We recommend that you upgrade your faad2 packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Enhance faad2 to address a variety of security flaws affecting the integrity of audio data handling.

faad2, Debian, buffer overflow, remote attack, security advisory.

LinuxSecurity.com Team

Aug 28, 2019 Debian LTS

Debian 8: DLA-1791-1 Critical: Faad2 Buffer Overflow Issues

Package : faad2
Version : 2.7-8+deb8u2
CVE ID : CVE-2018-20194 CVE-2018-20197 CVE-2018-20198 CVE-2018-20362

Multiple vulnerabilities have been found in faad2, the Freeware Advanced Audio Coder:

CVE-2018-20194, CVE-2018-20197
Improper handling of implicit channel mapping reconfiguration leads to multiple heap based buffer overflow issues. These flaws might be leveraged by remote attackers to cause DoS.

CVE-2018-20198, CVE-2018-20362
Insufficient user input validation in the sbr_hfadj module leads to stack-based buffer underflow issues. These flaws might be leveraged by remote attackers to cause DoS or any other unspecified impact.

For Debian 8 "Jessie", these problems have been fixed in version 2.7-8+deb8u2.

We recommend that you upgrade your faad2 packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

The recent faad2 patch for Debian 8 rectifies significant buffer overflow vulnerabilities, potentially enabling remote Denial of Service attacks.

Debian Security, Freeware Audio Coder, System Updates.

Severity: Critical.
LinuxSecurity.com Team

May 19, 2019 Critical Debian LTS

Debian 7 DLA-1077-1 Critical: faad2 DoS Security Update

Package : faad2
Version : 2.7-8+deb7u1
CVE ID : CVE-2017-9218 CVE-2017-9219 CVE-2017-9220 CVE-2017-9221 CVE-2017-9222 CVE-2017-9223 CVE-2017-9253 CVE-2017-9254 CVE-2017-9255 CVE-2017-9256 CVE-2017-9257
Debian Bug : 867724

Various security issues were discovered in faad2, a fast audio decoder, that would allow remote attackers to cause a denial of service (application crash due to memory failures or large CPU consumption) via a crafted mp4 file.

For Debian 7 "Wheezy", these problems have been fixed in version 2.7-8+deb7u1.

We recommend that you upgrade your faad2 packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Enhance faad2 to fortify your infrastructure against service disruption exploits resulting from malicious mp4 media files.

Debian LTS, faad2 update, audio decoder security, remote attack protection.

Severity: Critical.
LinuxSecurity.com Team

Aug 30, 2017 Critical Debian LTS

Gentoo: GLSA-200811-03 Normal: FAAD2 Buffer Overflow Threat

Gentoo Linux Security Advisory GLSA 200811-03
https://security.gentoo.org/

Severity: Normal
Title: FAAD2: User-assisted execution of arbitrary code
Date: November 09, 2008
Bugs: #238445
ID: 200811-03

Synopsis
========

A buffer overflow in FAAD2 might lead to user-assisted execution of arbitrary code via an MP4 file.

Background
==========

FAAD2 is an open source MPEG-4 and MPEG-2 AAC decoder.

Affected packages
=================

    -------------------------------------------------------------------
     Package           /  Vulnerable  /                     Unaffected
    -------------------------------------------------------------------
  1  media-libs/faad2      < 2.6.1-r2                      >= 2.6.1-r2

Description
===========

The ICST-ERCIS (Peking University) reported a heap-based buffer overflow in the decodeMP4file() function in frontend/main.c.

Impact
======

A remote attacker could entice a user to open a specially crafted MPEG-4 (MP4) file in an application using FAAD2, possibly leading to the execution of arbitrary code.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All FAAD2 users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=media-libs/faad2-2.6.1-r2"

References
==========

[ 1 ] CVE-2008-4201
      https://www.cve.org/CVERecord?id=CVE-2008-4201

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

https://security.gentoo.org/glsa/200811-03

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to [email address withheld on the source page] or alternatively, you may file a bug at https://bugs.gentoo.org/.

License
=======

Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

Gentoo Security Advisory GLSA 201001-05 addresses a vulnerability in VLC allowing for potential execution of unauthorized commands.

FAAD2, Buffer Overflow, Gentoo Advisory, Arbitrary Code Execution.

LinuxSecurity.com Team

Nov 09, 2008 Gentoo